Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress 1.7.0.14

  • Severity: medium-risk
  • Status: Fixed
  • Publication: October 11, 2023

The Charitable plugin for WordPress is not safe to use in versions up to 1.7.0.13. A user with contributor-level or higher permissions can inject malicious web scripts into pages. Whenever someone visits an injected page, the malicious web script will execute. This could cause data to be stolen or the user’s device to become infected with malware.

Detected in:

Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More fixed vulnerable versions:
Charitable – Donation Plugin for WordPress – Fundraisng with Recurring Donations & More fixed vulnerable versions:
Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress fixed vulnerable versions: >= * < 1.7.0.14

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.